[11495] in North American Network Operators' Group
Re: [nsp] known networks for broadcast ping attacks
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Wed Jul 30 18:22:12 1997
Date: Wed, 30 Jul 1997 14:57:59 -0700 (PDT)
From: "Craig A. Huegen" <c-huegen@quadrunner.com>
To: cisco-nsp@cic.net
cc: "Jeffrey S. Curtis" <curtis@anl.gov>, amb@xara.net, nanog@merit.edu
In-Reply-To: <Pine.QUAD.3.96.970730145114.22799A-100000@quad.quadrunner.com>
On Wed, 30 Jul 1997, Craig A. Huegen wrote:
==>For Ciscos, "no ip directed-broadcast" on your interfaces will
==>prevent remote devices from sending directed broadcasts. No guarantees
==>about applications it might break, though.
Clarification: This won't keep you from getting attacked. However, it
will keep your network from receiving the ECHO and therefore you won't
send ECHO_RESPONSE.
/cah
